Security Basics mailing list archives
Enterprise security review & design
From: "Mohamad Mneimneh" <mmneimneh () comium com>
Date: Mon, 14 Aug 2006 12:00:42 +0300
Hi All, I have the following scenario: - An enterprise with nearly 600 employees {LAN environment including VLANs} - Current security architecture below average; objective is to bring it up to speed - Cisco powered network {LAN switches include 6509s} - Windows XP clients in a Win 2003 based AD setup - Norton A/V deployed on the clients - Cisco/Linksys APs deployed around the campus {2 buildings, 10 floors each} As part of implementing a security architecture design, I need your advice/suggestions, in terms of applications & products, in order to meet the following requirements: - Provide a solution for assets inventory, in terms of OS & Apps - Provide an automated vulnerability assessment tool, which will regularly scan the clients and provide a means to correlate & prioritize vulnerabilities - Provide the ability to a content security solution that will protect the business from Spyware, viruses, malicious code, spam, email abuse, P2P, IM; am especially concerned with spam, P2P & IM - Ability to plan & automate the implementation of OS & applications patches, while providing a history of such updates - deploy a client based Firewall & IDS/IPS applications with centralized administration console - deploy a content filtering application for web pages, which will generate reports on internet usage per user - deploy a network forensics application, from the OS level {failed logins, access violations...} to the network infra level - deploy a network management application that will help me identify bottlenecks - WLAN management application to secure access to APs - Bandwidth consuming applications visibility; i.e. I need to monitor which applications, and which users, are consuming my WAN connections Apologies if the list of requirements is long. -Mohamad. *********************************************************************************************************************************** No employee or agent is authorized to conclude any binding agreement on behalf of Comium with another party by e-mail without expressed written confirmation by an officer of Comium. Any views expressed by an individual in this electronic message do not necessarily reflect views of Comium or its subsidiaries and associates. This electronic message and its attachments are solely addressed to the addressee's, and contain confidential information protected from disclosure belonging to Comium. If you are not the intended addressee of this electronic message and its attachments, kindly delete it immediately from your system and notify the sender by electronic mail. You must not copy this message or attachment or disclose its content to any other person. Comium does not guarantee the integrity of this electronic message and any of its attachments, or that they are free from computer viruses or other defects. ************************************************************************************************************************************ --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Enterprise security review & design Mohamad Mneimneh (Aug 14)
- <Possible follow-ups>
- Re: Enterprise security review & design krymson (Aug 17)
- RE: Enterprise security review & design Purushotham Reddy (Aug 21)
- Re : Enterprise security review & design Boubacar Fadiga (Aug 31)